Last updated and effective: June 23, 2020
When you interact with us through the Services, we may collect information from you, as further described below:
Information You Provide: We collect information from you when you voluntarily provide such information, such as when you register for access to the Services or use certain Services. Information we collect may include but not be limited to username, email address, and any messages, images, transient VOIP data (to enable communication delivery only) or other content you send via the chat feature.
Data We Collect Automatically: When you interact with us through the Services, we receive and store certain information such as an IP address, device ID, and your activities within the Services. We may store such information or such information may be included in databases owned and maintained by affiliates, agents or service providers. The Services may use such information and pool it with other information to track, for example, the total number of visitors to our Site, the number of messages users have sent, as well as the sites which refer visitors to Discord.
Aggregated Information: In an ongoing effort to better understand and serve the users of the Services, we may conduct research on our customer demographics, interests and behavior based on the information collected. This research may be compiled and analyzed on an aggregate basis, and we may share this aggregate data with our affiliates, agents and business partners. We may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.
Info through other Services: You may give us permission to collect your information in other services. For example, you may connect a social networking service ("SNS") such as Facebook or Twitter to your Discord account. When you do this, it allows us to obtain information from those accounts (for example, your friends or contacts).
We may use third party web site analytic tools such as Google Analytics on our website that employ cookies to collect certain information concerning your use of our Services. However, you can disable cookies by changing your browser settings. Further information about the procedure to follow in order to disable cookies can be found on your Internet browser provider's website via your help screen.
Advertisements: You may see our Service advertised in other applications or websites. After clicking on one of these advertisements and installing our Service, you will become a user of the Service. Advertising platforms, which include Twitter and Facebook (and whose SDKs are integrated within our Service), may collect information for optimizing advertising campaigns outside of the Service.
The Company is based in the United States. No matter where you are located, you consent to the processing and transferring of your information in and to the U.S. and other countries. The laws of the U.S. and other countries governing data collection and use may not be as comprehensive or protective as the laws of the country where you live.
The laws in some jurisdictions require companies to tell you about the legal ground they rely on to use or disclose your personal data. To the extent those laws apply, our legal grounds are as follows:
Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals: This includes:
Providing a safe and enjoyable user experience;
Marketing, e.g. sending emails or other communications to let you know about new features;
Protecting our users, personnel, and property;
Analyzing and improving our business, e.g. collecting information about how you use our Services to optimize the design and placement of certain features;
Processing job applications;
Managing legal issues.
Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations.
To protect the vital interests of the individual or others: For example, we may collect or share personal data to help resolve an urgent medical situation.
Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
The Company is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your information with certain third parties, as set forth below:
Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, bankruptcy, dissolution or similar event, your information may be part of the transferred assets.
Consent: We may transfer your information with your consent.
Developers: Developers using our SDK or API will have access to their end users’ information, including message content, message metadata, and voice metadata. Developers must use such information only to provide the SDK/API functionality within their applications and/or services.
Agents, Consultants and Related Third Parties: Like many businesses, we sometimes hire other companies or individuals to perform certain business-related functions. Examples of such functions include mailing information, maintaining databases and processing payments.
Legal Requirements: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of the Company or Related Companies, (iii) protect the personal safety of users of the Services or the public, or (iv) protect against legal liability.
Aggregated or Non-identifiable Data: We may also share aggregated or non-personally identifiable information with our partners or others for business purposes.
You may provide us with ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and we shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.
Our Services are for users age 13 and over and we do not knowingly collect personal information from children under the age of 13. If you are a parent or guardian of a child under the age of 13 and believe he or she has disclosed personal information to us please contact us at dis.gd/request and select "Parent of a user" as your report type option. Note: In some countries, the age of digital consent is older than 13. If you are in those countries, you must be at least that age to use the Services. For example, for residents of the EEA, where processing of personal information is based on consent, Discord will not knowingly engage in that processing for users under the age of consent established by applicable data protection law. If we learn that we are engaged in that processing with such users, we will halt such processing and will take reasonable measures to promptly remove applicable information from our records.
We generally retain personal data for so long as it may be relevant to the purposes identified herein. To dispose of personal data, we may anonymize it, delete it or take other appropriate steps. Data may persist in copies made for backup and business continuity purposes for additional time.
We take reasonable steps to protect the information provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Services may not be secure. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any information via the Internet.
We believe that users should be treated equally no matter where they are, and so we are making the following options to control your data available to all users, regardless of their location.
You can update certain information by accessing your profile via “Settings.” You can also unsubscribe from certain emails by clicking the “unsubscribe” link they contain. You can opt out from certain cookie-related processing by following the instructions above in “Other Information.”
Individuals in California, the European Economic Area, Canada, Costa Rica and some other jurisdictions outside the United States have certain legal rights to obtain confirmation of whether we hold personal data about them, to access personal data we hold about them (including, in some cases, in portable form), and to obtain its correction, update, amendment or deletion in appropriate circumstances. They may also object to our uses or disclosures of personal data, to request a restriction on its processing, or withdraw any consent, though such actions typically will not have retroactive effect. They also will not affect our ability to continue processing data in lawful ways.
If you would like to submit a data access request, you can do so from the “Settings” page of the Services, where there is a button to download your data. We will then start the process and provide you a link to access the personal data that Discord has on you within 30 days.
In addition to the functionality available through the “Settings” of the Services, in which you can correct, update, amend, or delete certain personal data, you can also request other modifications from us directly. Please write us at firstname.lastname@example.org with the words “Personal Data Request” in the subject or body of your message, along with an explanation of what data subject right you are seeking to exercise. For your protection, we may take steps to verify identity before responding to your request.
You have a right to ask us to stop using or limit our use of your personal data in certain circumstances—for example, if we have no lawful basis to keep using your data, or if you think your personal data is inaccurate.
Discord offers you the ability to restrict the processing of your data for specific uses, which you can find in the “Settings” page of the services. Individuals in the European Economic Area have the right to opt out of all of our processing of their personal data for direct marketing purposes. To exercise this right, please see the “Settings” page for your Account. You may also click the “unsubscribe” link in any of our marketing emails.
The rights and options described above are subject to limitations and exceptions under applicable law. In addition to those rights, you have the right to lodge a complaint with the relevant supervisory authority. However, we encourage you to contact us first, and we will do our very best to resolve your concern.
Discord is potentially liable for onward transfers to third parties of personal data of EU or Swiss individuals received pursuant to Privacy Shield. Discord is subject to oversight by the U.S. FTC. JAMS is the US-based alternative dispute resolution provider responsible for reviewing and resolving complaints about Discord’s Privacy Shield compliance. We ask that you first submit any complaints to us at email@example.com. If you aren't satisfied with our response, you can then contact JAMS at https://www.jamsadr.com/eu-us-privacy-shield. In the event your concern still isn't addressed by JAMS, you may be entitled to a binding arbitration under Privacy Shield and its principles.
We’ve appointed VeraSafe as Discord’s representative in the EEA for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Economic Area. You can contact VeraSafe, in addition to firstname.lastname@example.org, only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative or via telephone at +420 228 881 031.
Alternatively, you can contact VeraSafe at: VeraSafe Ireland Ltd Unit 3D North Point House North Point Business Park New Mallow Road Cork T23AT2P Ireland
Consumers residing in California are afforded certain additional rights with respect to their personal information under the California Consumer Privacy Act or (“CCPA”) and the “Shine the Light” Law. If you are a California resident, this section applies to you.
California Consumer Privacy Act
Our Collection and Use of Personal Information: We collect the following categories of personal information: identifiers (such as your username, the email address you use to sign up, and your phone number, if you’ve chosen to provide it); commercial information (a record of what you’ve bought from Discord, if anything); financial data (payment information, if you’ve bought anything from Discord); internet or other network information (how you interact with the application); location information (because your IP address may indicate your general location); inference data about you; and other information that identifies or can be reasonably associated with you. For examples of the precise data points we collect and the sources of such collection, please see the “INFORMATION WE COLLECT” section above. We collect personal information for the business and commercial purposes described in “OUR USE OF YOUR INFORMATION” above.
Disclosure of Personal Information: We may share your personal information with third parties as described in the “OUR DISCLOSURE OF YOUR INFORMATION” section above. We disclose the categories of personal information mentioned above for business or commercial purposes.
No Sale of Personal Information: The CCPA sets forth certain obligations for businesses that sell personal information. We do not sell the personal information of our users.
Exercising Your Consumer Rights: If you are a California resident, you have the right to request (1) more information about the categories and specific pieces of personal information we have collected and disclosed for a business purpose in the last 12 months, (2) deletion of your personal information, and (3) to opt out of sales of your personal information, if applicable. Details on how to make these requests are in the “YOUR DATA RIGHTS AND CHOICES” section above. We will not discriminate against you if you exercise your rights under the CCPA.
Requests Received: We received the following number of data requests between June 20, 2019 and June 20, 2020:
Number of North American requests to know Received: 105,531 Completed: 101,391 Incomplete (due to account deletion prior to completion or invalid email address): 4,140 Average time to resolution: 5 days
Number of worldwide requests to delete Received: 55,143 Completed: 52,508 Incomplete (due to incorrect email confirmation or non-existent email address): 2,635 Average time to resolution: 3 days
Number of requests to opt-out Because Discord does not sell the personal information of our users to third parties, this is not applicable.